[solved] OWA/ECP login loop on Exchange 2010/13/16

On Exchange server, configuring virtual directory might be pain sometime. A simple misconfiguration of Virtual directory might be the worst nightmare and create login loop, because I had this few days back. While configuring additional CAS server after few changes done on the Virtual directory, my OWA/ECP page start to go on loop whenever I tried to get login. I was on dark what mistake I had made. So, I tried to list down what might the issue that is causing on looping of my OWA/ECP page. While listing down, I have found two things.

SSL Certificate.

Issue with configuration of Virtual Directory.

SSL Certificate can also be the reason behind this kind of issue. So, you need to make sure you do have correct SSL assigned with IMAP, POP, IIS and SMTP. Also 2nd thing is that SSL certificate is across all of your Exchange server. If the issue is with SSL Certificate, you are lucky and can be resolve easily. But with virtual directory it is not so.

On my Earlier Blog, you can find how to configure Virtual Directory. But as going on, I came for the conclusion with that might not be enough if OWA/ECP login loop issue arises. Hence, here I have made an Table with the specific configuration required while configuring the OWA/ECP Virtual Directory.

On the IIS Manager expand to the default web site and check if the configuration you have made are as of the below Table are not.

Similarly, only configuration of Default website is not going to solve this issue. Hence you need more Knowledge on configuration of Exchange Back End site too, else you will keep on going loop. Below is the detail configuration you can have on Exchange Back End.

Table: Exchange Back End Virtual Directory Configuration.

Virtual directory

IIS Default Authentication methods

IIS SSL settings

HTTP Redirect

Exchange Back End

• Not Required

Yes

Autodiscover

• Anonymous authentication
• Windows authentication

• SSL required
• Ignore client certificates

No

ecp

• Anonymous authentication
• Windows authentication

• SSL required
• Ignore client certificates

No

EWS

• Anonymous authentication
• Windows authentication

• SSL required
• Ignore client certificates

No

Exchange*

• SSL required
• Ignore client certificates

No

Exchweb*

• SSL required
• Ignore client certificates

No

mapi*

• Anonymous authentication

• SSL required
• Ignore client certificates

No

Microsoft-Server-ActiveSync

• Basic authentication

• SSL required
• Ignore client certificates

No

OAB

• Windows authentication

• SSL required
• Ignore client certificates

No

owa

• Anonymous authentication
• Windows authentication

• SSL required
• Ignore client certificates

No

owa\Calender

• Anonymous authentication

• Ignore client certificates

No

PowerShell

• Windows authentication

• SSL required
• Accept client certificates

No

Public*

• SSL required
• Ignore client certificates

No

PushNotifications

• Anonymous authentication
• Windows authentication

• SSL required
• Ignore client certificates

No

Rpc

• Windows authentication

• Ignore client certificates

No

RpcWithCert

• Windows authentication

• Ignore client certificates

No

I hope this will help you solving the Exchange OWA/ECP login loop issue. 🙂